Language

English Français 日本語 한국어 Español

Datadog Site

Site help
US1 US3 US5 EU AP1 AP2 US1-FED US2-FED

List scanned assets metadata

Note: This endpoint is a private preview. If you are interested in accessing this API, fill out this form.

GET https://api.ap1.datadoghq.com/api/v2/security/scanned-assets-metadatahttps://api.ap2.datadoghq.com/api/v2/security/scanned-assets-metadatahttps://api.datadoghq.eu/api/v2/security/scanned-assets-metadatahttps://api.ddog-gov.com/api/v2/security/scanned-assets-metadatahttps://api.us2.ddog-gov.com/api/v2/security/scanned-assets-metadatahttps://api.datadoghq.com/api/v2/security/scanned-assets-metadatahttps://api.us3.datadoghq.com/api/v2/security/scanned-assets-metadatahttps://api.us5.datadoghq.com/api/v2/security/scanned-assets-metadata

Overview

Get a list of security scanned assets metadata for an organization.

Pagination

For the “List Vulnerabilities” endpoint, see the Pagination section.

Filtering

For the “List Vulnerabilities” endpoint, see the Filtering section.

Metadata

For the “List Vulnerabilities” endpoint, see the Metadata section.

This endpoint returns additional metadata for cloud resources that is not available from the standard resource endpoints. To access a richer dataset, call this endpoint together with the relevant resource endpoint(s) and merge (join) their results using the resource identifier.

Hosts

To enrich host data, join the response from the Hosts endpoint with the response from the scanned-assets-metadata endpoint on the following key fields:

ENDPOINTJOIN KEYTYPE
/api/v1/hostshost_list.host_namestring
/api/v2/security/scanned-assets-metadatadata.attributes.asset.namestring

Host Images

To enrich host image data, join the response from the Hosts endpoint with the response from the scanned-assets-metadata endpoint on the following key fields:

ENDPOINTJOIN KEYTYPE
/api/v1/hostshost_list.tags_by_source[“Amazon Web Services”][“image”]string
/api/v2/security/scanned-assets-metadatadata.attributes.asset.namestring

Container Images

To enrich container image data, join the response from the Container Images endpoint with the response from the scanned-assets-metadata endpoint on the following key fields:

ENDPOINTJOIN KEYTYPE
/api/v2/container_imagesdata.attributes.name@data.attributes.repo_digeststring
/api/v2/security/scanned-assets-metadatadata.attributes.asset.namestring
This endpoint requires the appsec_vm_read permission.

Arguments

Query Strings

Name

Type

Description

page[token]

string

Its value must come from the links section of the response of the first request. Do not manually edit it.

page[number]

integer

The page number to be retrieved. It should be equal to or greater than 1.

filter[asset.type]

enum

The type of the scanned asset.
Allowed enum values: Host, HostImage, Image

filter[asset.name]

string

The name of the scanned asset.

filter[last_success.origin]

string

The origin of last success scan.

filter[last_success.env]

string

The environment of last success scan.

Response

OK

The expected response schema when listing scanned assets metadata.

Expand All

Field

Type

Description

data [required]

[object]

List of scanned assets metadata.

attributes [required]

object

The attributes of a scanned asset metadata.

asset [required]

object

The asset of a scanned asset metadata.

name [required]

string

The name of the asset.

type [required]

enum

The cloud asset type Allowed enum values: Host,HostImage,Image

first_success_timestamp [required]

string

The timestamp when the scan of the asset was performed for the first time.

last_success [required]

object

Metadata for the last successful scan of an asset.

env

string

The environment of the last success scan of the asset.

origin

[string]

The list of origins of the last success scan of the asset.

timestamp [required]

string

The timestamp of the last success scan of the asset.

id [required]

string

The ID of the scanned asset metadata.

links

object

The JSON:API links related to pagination.

first [required]

string

First page link.

last [required]

string

Last page link.

next

string

Next page link.

previous

string

Previous page link.

self [required]

string

Request link.

meta

object

The metadata related to this request.

count [required]

int64

Number of entities included in the response.

token [required]

string

The token that identifies the request.

total [required]

int64

Total number of entities across all pages.

{
  "data": [
    {
      "attributes": {
        "asset": {
          "name": "i-0fc7edef1ab26d7ef",
          "type": "Host"
        },
        "first_success_timestamp": "2025-07-08T07:24:53Z",
        "last_success": {
          "env": "prod",
          "origin": [
            "production"
          ],
          "timestamp": "2025-07-08T07:24:53Z"
        }
      },
      "id": "Host|i-0fc7edef1ab26d7ef"
    }
  ],
  "links": {
    "first": "https://api.datadoghq.com/api/v2/security/vulnerabilities?page%5Bnumber%5D=1\u0026page%5Btoken%5D=b82cef018aab81ed1d4bb4xb35xxfc065da7efa685fbcecdbd338f3015e3afabbbfa3a911b4984_721ee28a-zecb-4e45-9960-c42065b574f4",
    "last": "https://api.datadoghq.com/api/v2/security/vulnerabilities?page%5Bnumber%5D=15\u0026page%5Btoken%5D=b82cef018aab81ed1d4bb4xb35xxfc065da7efa685fbcecdbd338f3015e3afabbbfa3a911b4984_721ee28a-zecb-4e45-9960-c42065b574f4",
    "next": "https://api.datadoghq.com/api/v2/security/vulnerabilities?page%5Bnumber%5D=16\u0026page%5Btoken%5D=b82cef018aab81ed1d4bb4xb35xxfc065da7efa685fbcecdbd338f3015e3afabbbfa3a911b4984_721ee28a-zecb-4e45-9960-c42065b574f4",
    "previous": "https://api.datadoghq.com/api/v2/security/vulnerabilities?page%5Bnumber%5D=14\u0026page%5Btoken%5D=b82cef018aab81ed1d4bb4xb35xxfc065da7efa685fbcecdbd338f3015e3afabbbfa3a911b4984_721ee28a-zecb-4e45-9960-c42065b574f4",
    "self": "https://api.datadoghq.com/api/v2/security/vulnerabilities?filter%5Btool%5D=Infra"
  },
  "meta": {
    "count": 150,
    "token": "b82cef018aab81ed1d4bb4xb35xxfc065da7efa685fbcecdbd338f3015e3afabbbfa3a911b4984_721ee28a-zecb-4e45-9960-c42065b574f4",
    "total": 152431
  }
}

Bad request: The server cannot process the request due to invalid syntax in the request.

API error response.

Expand All

Field

Type

Description

errors [required]

[object]

A list of errors.

detail

string

A human-readable explanation specific to this occurrence of the error.

meta

object

Non-standard meta-information about the error

source

object

References to the source of the error.

header

string

A string indicating the name of a single request header which caused the error.

parameter

string

A string indicating which URI query parameter caused the error.

pointer

string

A JSON pointer to the value in the request document that caused the error.

status

string

Status code of the response.

title

string

Short human-readable summary of the error.

{
  "errors": [
    {
      "detail": "Missing required attribute in body",
      "meta": {},
      "source": {
        "header": "Authorization",
        "parameter": "limit",
        "pointer": "/data/attributes/title"
      },
      "status": "400",
      "title": "Bad Request"
    }
  ]
}

Forbidden: Access denied

API error response.

Expand All

Field

Type

Description

errors [required]

[object]

A list of errors.

detail

string

A human-readable explanation specific to this occurrence of the error.

meta

object

Non-standard meta-information about the error

source

object

References to the source of the error.

header

string

A string indicating the name of a single request header which caused the error.

parameter

string

A string indicating which URI query parameter caused the error.

pointer

string

A JSON pointer to the value in the request document that caused the error.

status

string

Status code of the response.

title

string

Short human-readable summary of the error.

{
  "errors": [
    {
      "detail": "Missing required attribute in body",
      "meta": {},
      "source": {
        "header": "Authorization",
        "parameter": "limit",
        "pointer": "/data/attributes/title"
      },
      "status": "400",
      "title": "Bad Request"
    }
  ]
}

Not found: asset not found

API error response.

Expand All

Field

Type

Description

errors [required]

[object]

A list of errors.

detail

string

A human-readable explanation specific to this occurrence of the error.

meta

object

Non-standard meta-information about the error

source

object

References to the source of the error.

header

string

A string indicating the name of a single request header which caused the error.

parameter

string

A string indicating which URI query parameter caused the error.

pointer

string

A JSON pointer to the value in the request document that caused the error.

status

string

Status code of the response.

title

string

Short human-readable summary of the error.

{
  "errors": [
    {
      "detail": "Missing required attribute in body",
      "meta": {},
      "source": {
        "header": "Authorization",
        "parameter": "limit",
        "pointer": "/data/attributes/title"
      },
      "status": "400",
      "title": "Bad Request"
    }
  ]
}

Too many requests

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Code Example

                  # Curl command
curl -X GET "https://api.ap1.datadoghq.com"https://api.ap2.datadoghq.com"https://api.datadoghq.eu"https://api.ddog-gov.com"https://api.us2.ddog-gov.com"https://api.datadoghq.com"https://api.us3.datadoghq.com"https://api.us5.datadoghq.com/api/v2/security/scanned-assets-metadata" \
-H "Accept: application/json" \
-H "DD-API-KEY: ${DD_API_KEY}" \
-H "DD-APPLICATION-KEY: ${DD_APP_KEY}"

                
"""
List scanned assets metadata returns "OK" response
"""

from datadog_api_client import ApiClient, Configuration
from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi

configuration = Configuration()
configuration.unstable_operations["list_scanned_assets_metadata"] = True
with ApiClient(configuration) as api_client:
    api_instance = SecurityMonitoringApi(api_client)
    response = api_instance.list_scanned_assets_metadata()

    print(response)

Instructions

First install the library and its dependencies and then save the example to example.py and run following commands:

    
DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<DD_API_KEY>" DD_APP_KEY="<DD_APP_KEY>" python3 "example.py"
# List scanned assets metadata returns "OK" response

require "datadog_api_client"
DatadogAPIClient.configure do |config|
  config.unstable_operations["v2.list_scanned_assets_metadata".to_sym] = true
end
api_instance = DatadogAPIClient::V2::SecurityMonitoringAPI.new
p api_instance.list_scanned_assets_metadata()

Instructions

First install the library and its dependencies and then save the example to example.rb and run following commands:

    
DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<DD_API_KEY>" DD_APP_KEY="<DD_APP_KEY>" rb "example.rb"
// List scanned assets metadata returns "OK" response

package main

import (
	"context"
	"encoding/json"
	"fmt"
	"os"

	"github.com/DataDog/datadog-api-client-go/v2/api/datadog"
	"github.com/DataDog/datadog-api-client-go/v2/api/datadogV2"
)

func main() {
	ctx := datadog.NewDefaultContext(context.Background())
	configuration := datadog.NewConfiguration()
	configuration.SetUnstableOperationEnabled("v2.ListScannedAssetsMetadata", true)
	apiClient := datadog.NewAPIClient(configuration)
	api := datadogV2.NewSecurityMonitoringApi(apiClient)
	resp, r, err := api.ListScannedAssetsMetadata(ctx, *datadogV2.NewListScannedAssetsMetadataOptionalParameters())

	if err != nil {
		fmt.Fprintf(os.Stderr, "Error when calling `SecurityMonitoringApi.ListScannedAssetsMetadata`: %v\n", err)
		fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
	}

	responseContent, _ := json.MarshalIndent(resp, "", "  ")
	fmt.Fprintf(os.Stdout, "Response from `SecurityMonitoringApi.ListScannedAssetsMetadata`:\n%s\n", responseContent)
}

Instructions

First install the library and its dependencies and then save the example to main.go and run following commands:

    
DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<DD_API_KEY>" DD_APP_KEY="<DD_APP_KEY>" go run "main.go"
// List scanned assets metadata returns "OK" response

import com.datadog.api.client.ApiClient;
import com.datadog.api.client.ApiException;
import com.datadog.api.client.v2.api.SecurityMonitoringApi;
import com.datadog.api.client.v2.model.ScannedAssetsMetadata;

public class Example {
  public static void main(String[] args) {
    ApiClient defaultClient = ApiClient.getDefaultApiClient();
    defaultClient.setUnstableOperationEnabled("v2.listScannedAssetsMetadata", true);
    SecurityMonitoringApi apiInstance = new SecurityMonitoringApi(defaultClient);

    try {
      ScannedAssetsMetadata result = apiInstance.listScannedAssetsMetadata();
      System.out.println(result);
    } catch (ApiException e) {
      System.err.println("Exception when calling SecurityMonitoringApi#listScannedAssetsMetadata");
      System.err.println("Status code: " + e.getCode());
      System.err.println("Reason: " + e.getResponseBody());
      System.err.println("Response headers: " + e.getResponseHeaders());
      e.printStackTrace();
    }
  }
}

Instructions

First install the library and its dependencies and then save the example to Example.java and run following commands:

    
DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<DD_API_KEY>" DD_APP_KEY="<DD_APP_KEY>" java "Example.java"
// List scanned assets metadata returns "OK" response
use datadog_api_client::datadog;
use datadog_api_client::datadogV2::api_security_monitoring::ListScannedAssetsMetadataOptionalParams;
use datadog_api_client::datadogV2::api_security_monitoring::SecurityMonitoringAPI;

#[tokio::main]
async fn main() {
    let mut configuration = datadog::Configuration::new();
    configuration.set_unstable_operation_enabled("v2.ListScannedAssetsMetadata", true);
    let api = SecurityMonitoringAPI::with_config(configuration);
    let resp = api
        .list_scanned_assets_metadata(ListScannedAssetsMetadataOptionalParams::default())
        .await;
    if let Ok(value) = resp {
        println!("{:#?}", value);
    } else {
        println!("{:#?}", resp.unwrap_err());
    }
}

Instructions

First install the library and its dependencies and then save the example to src/main.rs and run following commands:

    
DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<DD_API_KEY>" DD_APP_KEY="<DD_APP_KEY>" cargo run
/**
 * List scanned assets metadata returns "OK" response
 */

import { client, v2 } from "@datadog/datadog-api-client";

const configuration = client.createConfiguration();
configuration.unstableOperations["v2.listScannedAssetsMetadata"] = true;
const apiInstance = new v2.SecurityMonitoringApi(configuration);

apiInstance
  .listScannedAssetsMetadata()
  .then((data: v2.ScannedAssetsMetadata) => {
    console.log(
      "API called successfully. Returned data: " + JSON.stringify(data)
    );
  })
  .catch((error: any) => console.error(error));

Instructions

First install the library and its dependencies and then save the example to example.ts and run following commands:

    
DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<DD_API_KEY>" DD_APP_KEY="<DD_APP_KEY>" tsc "example.ts"